15 Bypass authentication to enter the ASP page directly.
Vulnerability Description:
If the user knows the path and filename of an ASP page, and the file is authenticated, the user enters the file directly into the ASP page
Name, it is possible to bypass validation. For example: I have tried this on some websites: first, close all browsers, Windows, and enter:
Http://someurl/system_search.asp?page=1
Just like to see the page can only be seen by the system members. Of course, some people in order to prevent this situation will also be at the beginning of system_search.asp to add a judgment, such as:
Judge session ("System_name"), if not empty, you can enter, so that the above URL request can not go directly to the Administrator page. But this method also has a
Vulnerability, if the attacker first uses a legitimate account number, or generates a session on the computer, such as "system_name" = "Admi", that is because
Session ("System_name") is not empty, so you can directly enter the bypass password, directly into the Administrator page.
Workaround:
At the beginning of the ASP page that needs to be validated, handle it accordingly. For example: You can track the file name of the previous page, only the session from the previous page to read this
Page.
16, iis4.0/5.0 Special data format URL request remote Dos attack
Vulnerability Description:
When a Web service with IIS4.0 or IIS5.0 is installed, requesting a URL with a special data format slows down the response of the attacked Web server and may
Cause it to stop responding temporarily.
Affected version:
MicrosoftInternetInformationServer4.0
MicrosoftInternetInformationServer5.0
The vulnerability test procedure is as follows:
Http://202.96.168.51/download/exploits/iisdos.exe
The source code is as follows:
Http://202.96.168.51/download/exploits/iisdos.zip
Test program:
You can attack each other with a:iisdos<***.***.**.**>. Web server
Problem solving:
InternetInformationServer4.0:
http://www.microsoft.com/Downloads/Release.asp?ReleaseID=20906
InternetInformationServer5.0:
http://www.microsoft.com/Downloads/Release.asp?ReleaseID=20904
For more information:
Http://www.microsoft.com/technet/security/bulletin/ms00-030.asp
Microsoft Security Bulletin ms00-021:
Http://www.microsoft.com/technet/security/bulletin/fq00-030.asp
Related connections
Http://www.ussrback.com
The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion;
products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the
content of the page makes you feel confusing, please write us an email, we will handle the problem
within 5 days after receiving your email.
If you find any instances of plagiarism from the community, please send an email to:
info-contact@alibabacloud.com
and provide relevant evidence. A staff member will contact you within 5 working days.
